The sbomify Blog

Content for software, product, and digital security experts

Securing the Software Supply Chain with SLSA: What You Need to Know

Abstract In a world where software is integral to almost every aspect of life, securing the software supply chain is more critical than ever. The increasing complexity of...

By Cowboy Neil // Aug 17. 2024

Understanding in-toto: Securing the Software Supply Chain

In today’s software landscape, securing the software supply chain is more crucial than ever. With increasing concerns about vulnerabilities and supply chain attacks, developers and organizations are looking...

By Cowboy Neil // Aug 14. 2024

Understanding Sigstore: Securing the Software Supply Chain

Summary: In an era where software supply chain attacks are becoming more common and sophisticated, Sigstore represents a critical advancement in securing software development practices. By lowering the...

By Cowboy Neil // Aug 12. 2024

Understanding Lock File Drift: A Hidden Risk in Dependency Management

In the world of software development, managing dependencies is crucial for ensuring the stability and security of applications. One often overlooked aspect of this process is the phenomenon...

By Cowboy Neil // Jul 31. 2024

How to Generate SBOMs for Python Packages with `pipdeptree` and `cyclonedx-py`

Software Bill of Materials (SBOMs) are essential for ensuring transparency and security in software supply chains. This guide will show you how to use pipdeptree and cyclonedx-py to...

By Viktor // Jul 30. 2024

Embracing Cybersecurity with CISA's 'Secure by Design' Initiative

In the ever-evolving landscape of cyber threats, the importance of integrating robust security measures into the earliest stages of software development cannot be overstated. Recognizing this need, the...

By Cowboy Neil // Jul 24. 2024

What's New in SPDX 3: Enhanced Referencing Capabilities

At sbomify, we pride ourselves on providing the latest insights and updates in the realm of Software Bill of Materials (SBOM). One of the most anticipated developments is...

By Cowboy Neil // Jul 22. 2024

Understanding the EU Cyber Resilience Act: The Role of SBOMs in Enhancing Cybersecurity

In an era where digital transformation is the norm, cybersecurity has become a paramount concern for organizations and governments worldwide. The European Union (EU) is at the forefront...

By Cowboy Neil // Jul 10. 2024

The Role of SBOMs in an OBOM: Ensuring Compliance and Security in Smart Thermometer Development

In today’s software landscape, compliance with security and transparency mandates is more critical than ever. Executive orders, such as the one issued by the U.S. government in May...

By Cowboy Neil // Jul 9. 2024

Enhancing Dependency Management with GitHub's Dependency Graph: An Analysis

Introduction

By Cowboy Neil // Jun 24. 2024

Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)

As the digital world grows ever more complex, the tools we use to ensure software security and transparency must evolve. The 2nd edition of Framing Software Component Transparency:...

By Cowboy Neil // Jun 11. 2024

Get the latest SBOMs from the top 15 most popular images on Docker Hub

Most companies that use Docker also use Docker Hub in some capacity. Have you ever wondered how secure these images are? In our article Comprehensive Guide to Generating...

By Cowboy Neil // Jun 4. 2024